<html>
<head><meta charset="utf-8"><title>New OS shims · miri · Zulip Chat Archive</title></head>
<h2>Stream: <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/index.html">miri</a></h2>
<h3>Topic: <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html">New OS shims</a></h3>

<hr>

<base href="https://rust-lang.zulipchat.com">

<head><link href="https://rust-lang.github.io/zulip_archive/style.css" rel="stylesheet"></head>

<a name="224883753"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224883753" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Thom Chiovoloni <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224883753">(Feb 02 2021 at 15:09)</a>:</h4>
<p>What's the requirement for adding a shim to an OS api? Does miri only want to support stuff used by libstd? Or is there some threshold of non-libstd usage that would be acceptable. (I'm assuming the answer isn't "miri will grow until it reimplements the entire win32, and POSIX api surfaces" — although that would make things easy for me!)</p>
<p>I mean, I imagine it's might be a case-by-case basis and depends on the complexity of the implementation and how common it is, but in general are there guidelines here? Is it "file an issue to discuss first" thing? Or are new shims for reasonably common APIs likely to be accepted if their implementation isn't unreasonably complex.</p>
<p>Concretely: I'd be interested in filling in some gaps so I can test more systems code under miri. Specifically I'd like to various bits of lower level threading code under the race detector, but miri lacks support for certain primitives (especially on windows).</p>



<a name="224885589"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224885589" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Thom Chiovoloni <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224885589">(Feb 02 2021 at 15:22)</a>:</h4>
<p>Some concrete examples of windows stuff I miss are:</p>
<ul>
<li><a href="https://docs.microsoft.com/en-us/windows/win32/api/synchapi/nf-synchapi-waitonaddress">WaitOnAddress</a> and friends (windows futex equivalents, I suspect the existing futex-implementing code could be repurposed to support it but haven't looked at all. (Note: This one is even used by libstd, I think!)</li>
<li>(Non-keyed) <a href="https://docs.microsoft.com/en-us/windows/win32/sync/event-objects">Event object</a> support, or at least the basics of it (stuff like WaitForMultipleObjects seems hard, but... would be super nice).</li>
<li><a href="https://docs.microsoft.com/en-us/windows/win32/procthread/fibers#fiber-local-storage">FlsAlloc/FlsGetValue/etc</a>. For code that never creates fibers¹, these are identical to TlsAlloc/TlsGetValue, but let you provide the destructor when creating the token (same as how you get to do that for <code>pthread_key_create</code>).</li>
</ul>
<p>(I mention these just for the sake of providing examples of the kinds of things, not to start a discussion about the values of each of these — although if they seem definitely unreasonable to support I'd like to know that up front)</p>
<p>¹ Note: I explicitly am not suggesting supporting creating fibers, which makes this trivial to implement (and in the unlikely event that miri ever does eventually support creating fibers in the future, it would need these functions at that point anyway)</p>



<a name="224887116"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224887116" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> oli <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224887116">(Feb 02 2021 at 15:33)</a>:</h4>
<p>We're pretty open to adding new things. If you can expose something via just libstd code, then it's a definite yes. If there's a "popular" crate (whatever popular means) that will hit those code paths, then it's also something we like to add. Other than that... yea I guess just case by case. But so far we just added whatever someone was able to write a test for I think</p>



<a name="224892213"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224892213" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Thom Chiovoloni <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224892213">(Feb 02 2021 at 16:04)</a>:</h4>
<p>that might just mean WaitOnAddress, since IDK of public crates using event objects (although it's <em>shocking</em> libstd doesn't use these anywhere) or FLS (presumably because <code>std::thread_local!</code> is so easy to reach for, even if it has... some issues).</p>
<p>tat said, WaitOnAddress support might be enough to allow the parking lot windows code to work under miri too (but it also might not be enough, not sure — I know it uses WaitOnAddress for the parker though, as does libstd but I imagine miri is goes via the generic parker in libstd)</p>



<a name="224893590"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224893590" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Thom Chiovoloni <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224893590">(Feb 02 2021 at 16:13)</a>:</h4>
<p>Actually, it looks like libstd uses event objects in the windows pipe/overlapped io code apparently (for std::process::Command I think), although that is very unlikely to be enough for that code to work in miri</p>



<a name="224894569"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224894569" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> oli <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224894569">(Feb 02 2021 at 16:20)</a>:</h4>
<p>oooh... <code>Command</code> is a gem</p>



<a name="224894585"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224894585" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> oli <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224894585">(Feb 02 2021 at 16:20)</a>:</h4>
<p>I really hope we'll support it some day</p>



<a name="224895090"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224895090" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Thom Chiovoloni <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224895090">(Feb 02 2021 at 16:23)</a>:</h4>
<p>I actually suspect supporting the pipe code it uses would give us a lot of the stuff used by various async io crates (since, well, it's doing async io). the unfortunate thing is that to support Command itself, you <em>actually</em> need to be doing the async IO still (at least if host == target), and not just doing something like "say its pending until GetOverlappedResult is called and then do it synchronously" or whatever.</p>



<a name="224895250"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224895250" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> oli <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224895250">(Feb 02 2021 at 16:24)</a>:</h4>
<p>hmm</p>



<a name="224895301"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224895301" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> oli <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224895301">(Feb 02 2021 at 16:25)</a>:</h4>
<p>I have no clue how that actually works under the hoods</p>



<a name="224895432"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224895432" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> oli <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224895432">(Feb 02 2021 at 16:25)</a>:</h4>
<p>what we usually do in miri is use the platform independent impls and use them to emulate the platform specific stuff</p>



<a name="224895563"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224895563" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Thom Chiovoloni <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224895563">(Feb 02 2021 at 16:26)</a>:</h4>
<p>right, and that's awesome because it makes it so nice to run under miri on different oses.</p>



<a name="224895681"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224895681" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> oli <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224895681">(Feb 02 2021 at 16:27)</a>:</h4>
<p>I hear a "but" in that sentence</p>



<a name="224895766"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224895766" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Thom Chiovoloni <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224895766">(Feb 02 2021 at 16:27)</a>:</h4>
<p>i think stuff like command will be hard on windows like that</p>



<a name="224895809"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224895809" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Thom Chiovoloni <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224895809">(Feb 02 2021 at 16:27)</a>:</h4>
<p>but it's worth keeping that property</p>



<a name="224896256"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224896256" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Thom Chiovoloni <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224896256">(Feb 02 2021 at 16:30)</a>:</h4>
<p>the fact that miri can run your code for different os/arches than host is one of my favorite features of miri (and is also why i'd like the windows api support to improve)</p>



<a name="224897092"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224897092" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Thom Chiovoloni <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224897092">(Feb 02 2021 at 16:35)</a>:</h4>
<p>unfortunately, in practice for most of my stuff it's generally only usable for code that doesn't interact with the OS much... (that said, finally having an easy way to test big endian code was enormous on its own)</p>



<a name="224905448"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/224905448" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Thom Chiovoloni <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#224905448">(Feb 02 2021 at 17:25)</a>:</h4>
<p><span class="user-mention silent" data-user-id="209168">Thom Chiovoloni</span> <a href="#narrow/stream/269128-miri/topic/New.20OS.20shims/near/224895766">said</a>:</p>
<blockquote>
<p>i think stuff like command will be hard on windows like that</p>
</blockquote>
<p>to elaborate here: the reason this seems hard is: the easy way to fake async IO seems like it would be to do it synchronously right before the result is actually needed. for a lot of stuff this is fine, and allows you to avoid having to reconcile between windows/unix different async io models when cross platform, or a mapping between handles returned to the user, and actual io state. unfortunately for some stuff (like command pipes, i think), it's not fine, and so you need the complexity. it seems totally tractable, just like it'd be hard.</p>



<a name="225415510"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/225415510" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> RalfJ <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#225415510">(Feb 06 2021 at 14:58)</a>:</h4>
<p><span class="user-mention silent" data-user-id="124288">oli</span> <a href="#narrow/stream/269128-miri/topic/New.20OS.20shims/near/224887116">said</a>:</p>
<blockquote>
<p>We're pretty open to adding new things. If you can expose something via just libstd code, then it's a definite yes. If there's a "popular" crate (whatever popular means) that will hit those code paths, then it's also something we like to add. Other than that... yea I guess just case by case. But so far we just added whatever someone was able to write a test for I think</p>
</blockquote>
<p>agreed. to add to that, another factor is: the better the shim code can be isolated from the rest of Miri, the more likely the answer will be "yes" (and the easier review will be as well^^).</p>
<p>for Windows APIs, there's the additional issue of total unfamiliarity -- I cannot meaningfully review if the shim implementation makes sense, in particular I cannot review if it is sufficiently conservative (only exposing behavior that is guaranteed by the docs, avoiding any extra implementation-specific behavior). that also makes maintenance harder, so be prepared for us to bug you in the future if questions come up around shims you implemented. ;)</p>



<a name="225415639"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/225415639" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> RalfJ <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#225415639">(Feb 06 2021 at 15:01)</a>:</h4>
<p><code>parking_lot</code> is certainly a sufficiently "widely used" library that anything it needs is fair game for inclusion in Miri. We just need to find good ways to test it. Our "compiletest" suite cannot use external crates, so there should probably be some basic tests interacting directly with the API; <code>cargo-miri-test</code> <em>can</em> use external crates, so that would be a good place for some integration tests. (right now the latter part is not terribly organized, but we do use this to test <code>rand</code>/<code>getrandom</code> and that has been useful... if you touch this code and think it could be structured better, feel free to :)</p>



<a name="225415726"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/225415726" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> RalfJ <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#225415726">(Feb 06 2021 at 15:02)</a>:</h4>
<p>All that said, wouldn't the first step have to be thread spawn support for windows?</p>



<a name="225416217"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/225416217" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> RalfJ <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#225416217">(Feb 06 2021 at 15:13)</a>:</h4>
<p><span class="user-mention silent" data-user-id="209168">Thom Chiovoloni</span> <a href="#narrow/stream/269128-miri/topic/New.20OS.20shims/near/224896256">said</a>:</p>
<blockquote>
<p>the fact that miri can run your code for different os/arches than host is one of my favorite features of miri (and is also why i'd like the windows api support to improve)</p>
</blockquote>
<p>that's good to know. :) when we started implementing shims for more and more things, I wasn't sure if supporting all these cross-evaluation setups would be worth it, so it's good to hear that the work paid out!</p>



<a name="226246889"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/226246889" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Mara <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#226246889">(Feb 13 2021 at 14:17)</a>:</h4>
<p><span class="user-mention silent" data-user-id="209168">Thom Chiovoloni</span> <a href="#narrow/stream/269128-miri/topic/New.20OS.20shims/near/224885589">said</a>:</p>
<blockquote>
<ul>
<li><a href="https://docs.microsoft.com/en-us/windows/win32/api/synchapi/nf-synchapi-waitonaddress">WaitOnAddress</a> and friends (windows futex equivalents, I suspect the existing futex-implementing code could be repurposed to support it but haven't looked at all. (Note: This one is even used by libstd, I think!)</li>
</ul>
</blockquote>
<p>Yeah that one should be relatively easy. It can use the existing futex code, except that these Windows APIs can work on 1, 2, 4 or 8-byte sized futexes, wheras on unix platforms this is always 4 bytes.</p>
<p>(And yes, the thread parker of <code>std</code> uses it since somewhat recently.)</p>



<a name="226246950"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/226246950" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Mara <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#226246950">(Feb 13 2021 at 14:18)</a>:</h4>
<p><span class="user-mention silent" data-user-id="209168">Thom Chiovoloni</span> <a href="#narrow/stream/269128-miri/topic/New.20OS.20shims/near/224892213">said</a>:</p>
<blockquote>
<p>tat said, WaitOnAddress support might be enough to allow the parking lot windows code to work under miri too (but it also might not be enough, not sure — I know it uses WaitOnAddress for the parker though, as does libstd but I imagine miri is goes via the generic parker in libstd)</p>
</blockquote>
<p>Yes, having <code>WaitOnAddress</code> and <code>WakeByAddressSingle</code> should be enough to have parking_lot working on Windows as well.</p>



<a name="226255780"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/269128-miri/topic/New%20OS%20shims/near/226255780" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Mara <a href="https://rust-lang.github.io/zulip_archive/stream/269128-miri/topic/New.20OS.20shims.html#226255780">(Feb 13 2021 at 17:12)</a>:</h4>
<p>oh and <a href="https://github.com/rust-lang/rust/pull/81478#issuecomment-770378432">https://github.com/rust-lang/rust/pull/81478#issuecomment-770378432</a> needs a solution first. the lookup for WaitOnAddress/WakeByAddressSingle now doesn't happen at all in miri.</p>



<hr><p>Last updated: Aug 07 2021 at 22:04 UTC</p>
</html>